![](/screenshots/9ccffe43-3645-4a3a-8466-db3b1b005ae3.png)
folkia.no
Open in
urlscan Pro
52.214.7.229
Public Scan
Effective URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F...
Submission: On December 14 via manual from DK
Summary
TLS certificate: Issued by Amazon on August 18th 2020. Valid for: a year.
This is the only time folkia.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 54.38.117.120 54.38.117.120 | 16276 (OVH) (OVH) | |
1 1 | 13.48.168.251 13.48.168.251 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.214.7.229 52.214.7.229 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 13.224.195.64 13.224.195.64 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:81a::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
1 | 104.111.224.160 104.111.224.160 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0c::9a | 15169 (GOOGLE) (GOOGLE) | |
2 | 162.247.242.18 162.247.242.18 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
1 | 193.0.160.128 193.0.160.128 | 54312 (ROCKETFUEL) (ROCKETFUEL) | |
1 | 193.0.160.129 193.0.160.129 | 54312 (ROCKETFUEL) (ROCKETFUEL) | |
25 | 14 |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-168-251.eu-north-1.compute.amazonaws.com
track.adtraction.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-7-229.eu-west-1.compute.amazonaws.com
folkia.no |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-64.fra2.r.cloudfront.net
di1ayey5e6wxt.cloudfront.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com
c1.rfihub.net |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudfront.net
di1ayey5e6wxt.cloudfront.net |
2 MB |
4 |
gstatic.com
fonts.gstatic.com |
39 KB |
3 |
google-analytics.com
www.google-analytics.com |
37 KB |
2 |
rfihub.com
a.rfihub.com 20765588p.rfihub.com |
685 B |
2 |
nr-data.net
bam.nr-data.net |
451 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
81 B |
1 |
rfihub.net
c1.rfihub.net |
7 KB |
1 |
newrelic.com
js-agent.newrelic.com |
11 KB |
1 |
googleapis.com
fonts.googleapis.com |
947 B |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
1 |
folkia.no
folkia.no |
34 KB |
1 |
adtraction.com
1 redirects
track.adtraction.com |
514 B |
1 |
takethisemail.com
mouse.takethisemail.com |
324 B |
25 | 13 |
Domain | Requested by | |
---|---|---|
7 | di1ayey5e6wxt.cloudfront.net |
folkia.no
di1ayey5e6wxt.cloudfront.net |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | www.google-analytics.com |
folkia.no
www.googletagmanager.com |
2 | bam.nr-data.net |
js-agent.newrelic.com
folkia.no |
1 | 20765588p.rfihub.com |
c1.rfihub.net
|
1 | a.rfihub.com |
c1.rfihub.net
|
1 | stats.g.doubleclick.net |
folkia.no
|
1 | c1.rfihub.net |
mouse.takethisemail.com
|
1 | js-agent.newrelic.com |
folkia.no
|
1 | fonts.googleapis.com |
di1ayey5e6wxt.cloudfront.net
|
1 | www.googletagmanager.com |
folkia.no
|
1 | folkia.no | |
1 | track.adtraction.com | 1 redirects |
1 | mouse.takethisemail.com | |
25 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mouse.takethisemail.com Sectigo RSA Domain Validation Secure Server CA |
2020-12-01 - 2021-11-29 |
a year | crt.sh |
folkia.no Amazon |
2020-08-18 - 2021-09-17 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-10-23 - 2021-05-07 |
6 months | crt.sh |
*.rfihub.net DigiCert SHA2 Secure Server CA |
2020-04-01 - 2021-07-01 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2020-06-18 - 2022-06-18 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Frame ID: 7DC02B497F4CA9684168E86981147467
Requests: 24 HTTP requests in this frame
Frame:
https://20765588p.rfihub.com/ca.html?rfiidc=1871597490234164236&rfiaid=cbb18648082f437fbcedfc6abf3a54e4&ver=9&rb=30288&ca=20765588&_o=30288&_t=20765588&pe=https%3A%2F%2Ffolkia.no%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D8E654213EF88744B737A574B618F55DFF541B35A&pf=https%3A%2F%2Fmouse.takethisemail.com%2Fcampaign%2Fclicked%2FNTk3ODk2Nzc%253D__MTQ1__NzE2MTg5Mg%253D%253D__MzA%253D%2FaHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%2523%2523YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx%3Fc%3D59789677&ra=6227960855201162
Frame ID: 898BD726D4820A1F3ACED2D5AFF3EB0D
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/9ccffe43-3645-4a3a-8466-db3b1b005ae3.png)
Page URL History Show full URLs
- https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90... Page URL
-
https://track.adtraction.com/t/t?a=754455607&as=1553731866&t=2&tk=1
HTTP 302
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213... Page URL
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677 Page URL
-
https://track.adtraction.com/t/t?a=754455607&as=1553731866&t=2&tk=1
HTTP 302
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx
mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/ |
117 B 324 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
![]() folkia.no/ Redirect Chain
|
33 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-ade11d6c9fc4f69f1d0be7a9914b785e.css
di1ayey5e6wxt.cloudfront.net/assets/ |
199 KB 200 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.custom-07cdd846d9479141366fe100b09eb45c.js
di1ayey5e6wxt.cloudfront.net/assets/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-c56cc46c2b3038926e7b4025506fcd54.js
di1ayey5e6wxt.cloudfront.net/assets/ |
431 KB 431 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 947 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brand_white-10bfbbbf7dca548e78e9db526079a75c.svg
di1ayey5e6wxt.cloudfront.net/assets/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-folkefinans-balloon-55b3ac5a437e4c2d09f9ca323d417b80.jpg
di1ayey5e6wxt.cloudfront.net/assets/ |
2 MB 2 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
folkia-e32ea447552458037645c5a201f87a9f.woff
di1ayey5e6wxt.cloudfront.net/assets/oslo/ |
77 KB 77 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
folkiano-793768828422e4bd73c698e8b264d72b.woff
di1ayey5e6wxt.cloudfront.net/assets/ |
2 KB 3 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1184.min.js
js-agent.newrelic.com/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 64 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 81 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
47c519667b
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 685 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() 20765588p.rfihub.com/ Frame 898B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
47c519667b
bam.nr-data.net/events/1/ |
24 B 176 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| html5 object| Modernizr function| yepnope object| I18n object| _base object| handlebars object| errorProps function| $ function| jQuery object| jQuery110109453927044209458 object| Folkia function| Spinner object| Handlebars object| SecondLevelDomains function| URI function| Cookies object| google_tag_manager function| _rfi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
folkia.no/ | Name: at_gd Value: 8E654213EF88744B737A574B618F55DFF541B35A |
|
.folkia.no/ | Name: _gat_UA-26231029-1 Value: 1 |
|
.folkia.no/ | Name: _gid Value: GA1.2.2044180873.1607934854 |
|
.folkia.no/ | Name: _ga Value: GA1.2.1817358632.1607934854 |
|
folkia.no/ | Name: _folkiano_session Value: BAh7CEkiD3Nlc3Npb25faWQGOgZFVEkiJThjMWI3MGZiNDJiNmYwODAxNDQ3ZDFmMTk2OGQ3NGUzBjsAVEkiCmZvcmNlBjsARkl1OglUaW1lDcgtHoB94daICjoNbmFub19udW1pAqUDOg1uYW5vX2RlbmkGOg1zdWJtaWNybyIHkzA6C29mZnNldGkAOgl6b25lSSIIVVRDBjsARkkiEF9jc3JmX3Rva2VuBjsARkkiMTRHQXhSN0taTXI0NDRPeFl1SkpSWnM4ZEtNWjM1OUNacGMvTUlidm1FUXM9BjsARg%3D%3D--6e8ebd2a99c2d3a1e3f715f77693268d0006e978 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20765588p.rfihub.com
a.rfihub.com
bam.nr-data.net
c1.rfihub.net
di1ayey5e6wxt.cloudfront.net
folkia.no
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
mouse.takethisemail.com
stats.g.doubleclick.net
track.adtraction.com
www.google-analytics.com
www.googletagmanager.com
104.111.224.160
13.224.195.64
13.48.168.251
151.101.114.110
162.247.242.18
193.0.160.128
193.0.160.129
2a00:1450:4001:809::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9a
52.214.7.229
54.38.117.120
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16268716fcbbaa513938b4336846b57256e314e995b8d7a90288868105327fff
1726b3535c5ba4963a9e4a43de21441d371789d418cbf7019fd1a4dcd0452a1e
3a1c1a5dac2ce470b408ff2efebcd00d05df6be0ec62bc902b11d77a61678a61
4abf1e62bc9d190d007e911231e46566bfd739a8f6ff0faadc5bb59e70589654
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5652818afab440b2d8fc9b31949689f71633e220f425970491d04d2777ab915f
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7cc939bc1d7ebef85fcdbf5e8274735b8084c9db08bf2d68d93f24fb3cacec66
8b2e5ce9ec3fe3c651688b0dbce31755f9c4c507abef82aa02b6a3404773d61b
a330682294173f843ebd54b44157f0573a7d9de55899e611c9378c8af0e72a6f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7fe6c6aee503ba59a1a8f692766c301acb8345056fddd5e14a660e7f82857aa
b2e68f7c26f73a949ae91766d5b381e45b4705062bb1a123c3ea99df47851a5b
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e893254beeb8ac46e6984e0c2c47a01ed07d9d3078c0546b47bc8c5ddf8c3982